[http://wiki2.dovecot.org/SSL/DovecotConfiguration Dovecot configuration] suggests setting the certs 0444 for the .crt and 0400 for the .key, but the wiki suggests 0644 and 0600, respectively. Personally, I do not see why anyone should have write permissions on the certs, esp. since they're not meant to be modified. Suggestions? --[[User:Gesh|Gesh]] ([[User talk:Gesh|talk]]) 23:30, 9 August 2012 (UTC)

−

Hey there, hopefully there are no problems while working down the guide. If there are, feel free to write them down here and I will come to them! However, please *do* try to correct any issues you find in the guide yourself if you can.

+

Hmm... I think you are right Gesh. I can't fathom how making the certs read only could damage the setup.

Also, shouldn't the chown nobody:nobody also be executed on the .crt file? I cannot understand the rationale of having it owned by root. At least with system-configuration files, you'd want both that root will be able to edit them and that *only* root be able to edit them. --[[User:Gesh|Gesh]] ([[User talk:Gesh|talk]]) 01:35, 10 August 2012 (UTC)

Hey there! Excellent tutorial, it almost worked like a charm! I had some problems with dovecot and roundcube. I'm not sure if they are sufficiently general to be added on the main tutorial, but I wanted to discuss them here:

+

# Dovecot Greeting. I had to place a Dovecot greeting in /etc/dovecot/dovecot.conf. I included "login_greeting = Dovecot ready for action."

+

# Instead of using TLS for IMAP in Roundcube I had to configure SSL. In particular, I had to change this "$rcmail_config['default_host'] = 'ssl://localhost/';" on Roundcube main.inc.php.

+

# I missed a comment on the 'username_domain' option in the configuration. As it was not mentioned in the tutorial I wrongly assumed that Dovecot allows login with only the username. But then I couldn't login from Roundcube using my username. Adding the "$rcmail_config['username_domain'] = 'mydomain.net';" option in Roundcube main.inc.php.

+

Thanks for the tutorial, I think it is pretty straightforward for a complex task a setting up the mail server. Best regards! --[[User:Es0x279e|Es0x279e]] ([[User talk:Es0x279e|talk]]) 10:12, 6 October 2012 (UTC)

−

The only problem I had is with "authpgsqlrc". It doesn't seem to accept hardcoded values like "5000" or "/home/vmail" so I left the default value for these fields and added them in my table schema with "5000" or "/home/vmail" as the default values.

+

Hi! I cannot for the life of me get roundcube to work. It fails when I try to do the login to the IMAP server during installation. I get:

I've tried changing it to ssl:// and without ssl:// or tls:// but for some reason it just does not work and I do not know where to go from here. Help would be greatly greatly appreciated. --[[User:Pei|Pei]] ([[User talk:Pei|talk]]) 04:20, 2 November 2012 (UTC)

−

Did that work? If yes, can you put instructions to the main guide? --[[User:Svenstaro|Svenstaro]] 00:52, 29 December 2010 (EST)

Expanded the Roundcube section and added some info for SpamAssassin and added the tip to remove "Received header". Had to do a bit of digging today to set it up, figured I add it here so it will be helpful. [[User:KingX|KingX]] ([[User talk:KingX|talk]]) 02:55, 21 April 2013 (UTC)

−

Now I wonder how to set up STARTTLS/TLS in order to use my SMTP server from any IP using authentified access.

+

Thank you!, the best tutorial I found, just want to point out some problems I had during the installation.

−

You mean you want to block/allow access based on IPs? Perhaps you should look into using ipchains or some other firewall there. --[[User:Svenstaro|Svenstaro]] 00:55, 29 December 2010 (EST)

+

A) If vmail id/gid != 5000, you may have dovecot-sql.conf correct, but postfix still complains for db access. Better listen to Svenstaro from the begining.

−

== smtps doesn't work, additional step needed ==

+

B) Roundcube installer: DO NOT TRUST IT!.

−

Thank you for your work!

+

main.inc.php ,

+

$rcmail_config['default_host'] = 'ssl://localhost';

+

If you use tls for IMAP, it will not work and you will get nightmares with the "STARTTLS command first" error. (roundcube tries to use ssl anyway)

+

+

You can use tls for the SMTP server thoug, but also keep the next lines like this:

+

$rcmail_config['smtp_server'] = 'tls://localhost';

+

$rcmail_config['smtp_port'] = 587;

+

$rcmail_config['smtp_user'] = '%u';

+

$rcmail_config['smtp_pass'] = '%p';

+

If you use ssl, you also have to allow ssl connections. Change 'encrypt' for 'may' in your master.cf file, or you will have those nightmares again:

+

-o smtpd_tls_security_level=encrypt

+

C) mysql.so and imap.so must be enabled (/etc/php/php.ini)

−

the postfix version is 2.8.0-2 here, and I followed the steps, got the mail server working successfully, but the smtps function didn't work. I found the solution in [[SOHO_Postfix#SMTP-AUTH]], /etc/postfix/master.cf should be edit.

+

D) php.conf: You can create aliases for roundcube and postfixAdmin folders, so you don't bulk your /srv/http/ directory

−

the line begin with "smtps" is commented default, i uncomment that line and the following two lines, then restart postfix service, problem solved.

+

E) Your hostname have to include your domain name:

+

lupus@ulula:~$ hostname

+

myHostName.mysite.org

+

F) Bloking port 25 is a common practice for ISP's. This port is where all incoming mail is delivered, so you will not be able get your mail from the outside world. Don't panic (I did), you need a MX DNS server with port fordwarding (or convice your isp that blocking the smtp port is for loosers). This site offers the service for free, good enough to play around: [http://rollernet.us]

−

Oh, you are correct. It seems this changed in a recent release of this package. I'm changing the main article to reflect this. --[[User:Svenstaro|Svenstaro]] 00:29, 11 February 2011 (EST)

+

Edit your master.cf file to something like this

+

smtp inet n - n - - smtpd

+

26 inet n - n - - smtpd

+

submission inet n - n - - smtpd

+

Last word of advice: DO NOT mix virtual server mail with non virtual server mail configuration!

Whenever I try to login to the mailaccount I created using postfixadmin with roundcube, I get the following error message (from roundcube):

+

IMAP Error: Login failed for me@my.domain.com from my.ip.adre.ss. Could not connect to ssl://localhost:993: Connection refused in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 184 (POST /roundcubemail/?_task=login&_action=login)

+

+

Also, when I tried to send an email to my account from another E-Mail adress, I got the following error report:

+

The recipient server did not accept our requests to connect. Learn more at http://support.google.com/mail/bin/answer.py?answer=7720

+

[(0) my.domain.com. [81.10.164.94]:25: Connection refused]

+

+

Whats wrong?

Revision as of 01:06, 24 November 2013

crt file

Dovecot configuration suggests setting the certs 0444 for the .crt and 0400 for the .key, but the wiki suggests 0644 and 0600, respectively. Personally, I do not see why anyone should have write permissions on the certs, esp. since they're not meant to be modified. Suggestions? --Gesh (talk) 23:30, 9 August 2012 (UTC)

Hmm... I think you are right Gesh. I can't fathom how making the certs read only could damage the setup.
--Justforgetme (talk) 00:10, 10 August 2012 (UTC)

Also, shouldn't the chown nobody:nobody also be executed on the .crt file? I cannot understand the rationale of having it owned by root. At least with system-configuration files, you'd want both that root will be able to edit them and that *only* root be able to edit them. --Gesh (talk) 01:35, 10 August 2012 (UTC)

Problem with dovecot and roundcube

Hey there! Excellent tutorial, it almost worked like a charm! I had some problems with dovecot and roundcube. I'm not sure if they are sufficiently general to be added on the main tutorial, but I wanted to discuss them here:

Dovecot Greeting. I had to place a Dovecot greeting in /etc/dovecot/dovecot.conf. I included "login_greeting = Dovecot ready for action."

Instead of using TLS for IMAP in Roundcube I had to configure SSL. In particular, I had to change this "$rcmail_config['default_host'] = 'ssl://localhost/';" on Roundcube main.inc.php.

I missed a comment on the 'username_domain' option in the configuration. As it was not mentioned in the tutorial I wrongly assumed that Dovecot allows login with only the username. But then I couldn't login from Roundcube using my username. Adding the "$rcmail_config['username_domain'] = 'mydomain.net';" option in Roundcube main.inc.php.

Thanks for the tutorial, I think it is pretty straightforward for a complex task a setting up the mail server. Best regards! --Es0x279e (talk) 10:12, 6 October 2012 (UTC)

Hi! I cannot for the life of me get roundcube to work. It fails when I try to do the login to the IMAP server during installation. I get:
"Connecting to tls://localhost/...
IMAP connect: NOT OK(Login failed for [edited] from [edited]. Empty startup greeting (localhost:993))"
I've tried changing it to ssl:// and without ssl:// or tls:// but for some reason it just does not work and I do not know where to go from here. Help would be greatly greatly appreciated. --Pei (talk) 04:20, 2 November 2012 (UTC)

Undid the last contribution of (Mehtab) because listening interfaces should beimplementation speciffic for this Postfix installation. If anybody disagrees let me know. Justforgetme (talk) 06:41, 4 December 2012 (UTC)

Expanded the Roundcube section and added some info for SpamAssassin and added the tip to remove "Received header". Had to do a bit of digging today to set it up, figured I add it here so it will be helpful. KingX (talk) 02:55, 21 April 2013 (UTC)

Thank you!, the best tutorial I found, just want to point out some problems I had during the installation.

A) If vmail id/gid != 5000, you may have dovecot-sql.conf correct, but postfix still complains for db access. Better listen to Svenstaro from the begining.

B) Roundcube installer: DO NOT TRUST IT!.

main.inc.php ,

$rcmail_config['default_host'] = 'ssl://localhost';

If you use tls for IMAP, it will not work and you will get nightmares with the "STARTTLS command first" error. (roundcube tries to use ssl anyway)

You can use tls for the SMTP server thoug, but also keep the next lines like this:

If you use ssl, you also have to allow ssl connections. Change 'encrypt' for 'may' in your master.cf file, or you will have those nightmares again:

-o smtpd_tls_security_level=encrypt

C) mysql.so and imap.so must be enabled (/etc/php/php.ini)

D) php.conf: You can create aliases for roundcube and postfixAdmin folders, so you don't bulk your /srv/http/ directory

E) Your hostname have to include your domain name:

lupus@ulula:~$ hostname
myHostName.mysite.org

F) Bloking port 25 is a common practice for ISP's. This port is where all incoming mail is delivered, so you will not be able get your mail from the outside world. Don't panic (I did), you need a MX DNS server with port fordwarding (or convice your isp that blocking the smtp port is for loosers). This site offers the service for free, good enough to play around: [1]

Server refuses connection

Hello!
Whenever I try to login to the mailaccount I created using postfixadmin with roundcube, I get the following error message (from roundcube):

IMAP Error: Login failed for me@my.domain.com from my.ip.adre.ss. Could not connect to ssl://localhost:993: Connection refused in /usr/share/webapps/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 184 (POST /roundcubemail/?_task=login&_action=login)

Also, when I tried to send an email to my account from another E-Mail adress, I got the following error report: